stackoom
  简体   繁体   中英

Why is this access token invalid instantly?

 原文  2016-07-15 18:45:40       c#/ asp.net-mvc/ google-api/ access-token

Question

Scenario:

  1. Created a Google+ Sign-On button for the user to log in. This works.

  2. Saved the access token and printed it out on the index/home page to make sure an access token actually exists. This works.

  3. Attempt to use that same token to authorize the user account (mine in this case) to make AUTHORIZED calls to the Google APIs. This keeps responding with "invalid_token".

So, why is the token invalid for the GET request made almost immediately after I save and print out the access token to the page? Am I calling the wrong URI or providing the wrong parameters? The access token was JUST created but the response I get below is what I see, which includes the Status Code, ReasonPhrase, RequestMessage, Headers, and Content:

Google Response: Unauthorized - Unauthorized - Method: GET, RequestUri: ' https://www.googleapis.com/consumersurveys/v2/surveys?key= {MY_API_KEY}', Version: 1.1, Content: , Headers: { Accept: application/json Authorization: Bearer abcdefghijklmnopqrstuvqxyz123456789 } - Vary: X-Origin, Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Alternate-Protocol: 443:quic Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32,31,30,29,28,27,26,25" Transfer-Encoding: chunked Accept-Ranges: none Cache-Control: max-age=0, private Date: Fri, 15 Jul 2016 18:10:37 GMT Server: GSE WWW-Authenticate: Bearer realm="https://accounts.google.com/", error=invalid_token - System.Net.Http.StreamContent

Google Access Token printed on page: abcdefghijklmnopqrstuvqxyz123456789

All I am simply trying to do is make authorized calls to Google APIs and in order to do that I have to make a GET request and specify my API KEY, and provide an access token (which matches the printed token) but when I do this it says invalid_token and unauthorized. Why does it keep saying this?

This question is an extension of my other question: GET call to a Google API responds with "Unauthorized"

1 answers

solution1
 0 ACCPTED  2016-07-16 16:24:12

I believe the issue is that the access token (which I verified through Postman) required more scopes to authenticate me fully, which makes sense since this API contains surveys that I am trying to access, which are also linked to a Google account.

More info on adding scopes to C# code can be found here: http://www.oauthforaspnet.com/providers/google/

This is also answered here: Why do only OAuth 2.0 Playground access tokens work for Google API?

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why is the access token generated by IdentityServer4 always invalid? DocuSign JWT Invalid Access Token LinkedIn Access Token Request - signature invalid Receiving invalid access token from Azure AD Why my email confirmation token is invalid Why my email confirmation token is invalid? Google Auth Code Flow requesting token generates invalid client error when exchanging ID token for Access Token Invalid access token from Azure Active Directory using OpenIdConnect E-trade: requesting access token, I get signature invalid Yahoo OAuth 2.0 invalid_grant when issuing an access token
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM